CVE-2020-0758

Summary

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815.

Affected Software

VendorProductVersion RangeStatus
MicrosoftTeam Foundation Server 2018Update 1.2affected
MicrosoftTeam Foundation Server 2018Update 3.2affected
MicrosoftTeam Foundation Server2017 Update 3.1affected
MicrosoftAzure DevOps Server2019.0.1affected
MicrosoftAzure DevOps Server 2019Update 1affected
MicrosoftAzure DevOps Server 2019 Update 1.1unspecifiedaffected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

References